This page aggregates publicly disclosed CVE and security risk information related to vnc, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2006-2369 | RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password. | [email protected] | 7.5 | 91.52% | 2006-05-15 | 2026-04-16 |
| CVE-2004-1750 | RealVNC 4.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of connections to port 5900. | [email protected] | 5.0 | 1.70% | 2004-12-31 | 2026-04-16 |